Improve signing tool

deltacv · Nov 19, 2024 · 4dc3bb7 · 4dc3bb7
1 parent 6c3dc16
commit 4dc3bb7
Show file tree

Hide file tree

Showing 4 changed files with 50 additions and 35 deletions.
diff --git a/Common/src/main/java/io/github/deltacv/eocvsim/plugin/security/Authority.kt b/Common/src/main/java/io/github/deltacv/eocvsim/plugin/security/Authority.kt
@@ -141,7 +141,7 @@ object AuthorityFetcher {
         val authoritiesToml = com.moandjiezana.toml.Toml().read(AUTHORITIES_FILE)
         val timestamp = authoritiesToml.getLong("timestamp")
 
-        if(currentTime - timestamp > TTL_DURATION_MS) {
+        if(timestamp != null && currentTime - timestamp > TTL_DURATION_MS) {
             AUTHORITIES_FILE.delete()
             logger.info("Authorities file has expired, clearing cache")
             cache.clear()

diff --git a/Common/src/main/java/io/github/deltacv/eocvsim/plugin/security/KeyGeneratorTool.kt b/Common/src/main/java/io/github/deltacv/eocvsim/plugin/security/KeyGeneratorTool.kt
@@ -30,15 +30,18 @@ import java.security.KeyPairGenerator
 import java.security.PrivateKey
 import java.util.Base64
 
-fun main() {
-    // Generate RSA key pair
-    val keyPair: KeyPair = generateKeyPair()
+object KeyGeneratorTool {
+    @JvmStatic
+    fun main(args: Array<String>) {
+        // Generate RSA key pair
+        val keyPair: KeyPair = generateKeyPair()
 
-    // Save keys to files
-    saveKeyToFile("private_key.pem", keyPair.private)
-    saveKeyToFile("public_key.pem", keyPair.public)
+        // Save keys to files
+        saveKeyToFile("private_key.pem", keyPair.private)
+        saveKeyToFile("public_key.pem", keyPair.public)
 
-    println("Keys generated and saved to files.")
+        println("Keys generated and saved to files 'private_key.pem' and 'public_key.pem'")
+    }
 }
 
 fun generateKeyPair(): KeyPair {

diff --git a/Common/src/main/java/io/github/deltacv/eocvsim/plugin/security/PluginSignatureVerifier.kt b/Common/src/main/java/io/github/deltacv/eocvsim/plugin/security/PluginSignatureVerifier.kt
@@ -70,7 +70,7 @@ object PluginSignatureVerifier {
             }
 
             val signatureToml = zip.getInputStream(signatureEntry).bufferedReader()
-            val signature = com.moandjiezana.toml.Toml().read(signatureToml)
+            val signature = Toml().read(signatureToml)
 
             val authorityName = signature.getString("authority")
             if (authorityName == null) {

diff --git a/Common/src/main/java/io/github/deltacv/eocvsim/plugin/security/PluginSigningTool.kt b/Common/src/main/java/io/github/deltacv/eocvsim/plugin/security/PluginSigningTool.kt
@@ -24,7 +24,6 @@
 package io.github.deltacv.eocvsim.plugin.security
 
 import com.github.serivesmejia.eocvsim.util.extension.hashString
-import com.github.serivesmejia.eocvsim.util.loggerForThis
 import picocli.CommandLine
 import java.io.File
 import java.security.KeyFactory
@@ -44,8 +43,6 @@ import kotlin.system.exitProcess
 
 class PluginSigningTool : Runnable {
 
-    val logger by loggerForThis()
-
     @picocli.CommandLine.Option(names = ["-p", "--plugin"], description = ["The plugin JAR file to sign"], required = true)
     var pluginFile: String? = null
 
@@ -56,27 +53,34 @@ class PluginSigningTool : Runnable {
     var privateKeyFile: String? = null
 
     override fun run() {
-        logger.info("Signing plugin $pluginFile with authority $authority")
+        println("Signing plugin $pluginFile with authority $authority")
 
         val authority = AuthorityFetcher.fetchAuthority(authority ?: throw IllegalArgumentException("Authority is required"))
         if (authority == null) {
+            println("Failed to fetch authority ${this.authority}")
             exitProcess(1)
         }
 
         // Load the private key
-        val privateKey = loadPrivateKey(privateKeyFile ?: throw IllegalArgumentException("Private key file is required"))
+        val privateKey = loadPrivateKey(privateKeyFile ?: throw IllegalArgumentException("Private key is required"))
+
+        val publicKey = authority.publicKey
 
-        val publicKey = authority.publicKey // Assuming Authority has a publicKey property
         if (!isPrivateKeyMatchingAuthority(publicKey, privateKey)) {
-            logger.error("Private key does not match to the authority's public key.")
+            println("Private key does not match to the authority's public key.")
             exitProcess(1)
         } else {
-            logger.info("Private key matches to the authority's public key.")
+            println("Private key matches to the authority's public key.")
+        }
+
+        if(pluginFile == null) {
+            println("Plugin file is required")
+            exitProcess(1)
         }
 
-        signPlugin(File(pluginFile), privateKey, authority)
+        signPlugin(File(pluginFile!!), privateKey, authority)
 
-        logger.info("Plugin signed successfully and saved")
+        println("Plugin signed successfully and saved")
     }
 
     private fun loadPrivateKey(privateKey: String): PrivateKey {
@@ -113,11 +117,11 @@ class PluginSigningTool : Runnable {
                 val signature = signClass(classData, privateKey)
                 signatures[className] = signature
 
-                logger.info("Signed class $className")
+                println("Signed class $className")
             }
         }
 
-        logger.info("Signed all classes, creating signature.toml in jar")
+        println("Signed all classes, creating signature.toml in jar")
 
         // Create signature.toml
         createSignatureToml(signatures, authority, jarFile)
@@ -199,24 +203,32 @@ class PluginSigningTool : Runnable {
 
         return sampleMessage == String(decrypted)
     }
-}
 
-fun main(args: Array<String>) {
-    if(args.isEmpty()) {
-        val scanner = Scanner(System.`in`)
+    companion object {
+        @JvmStatic
+        fun main(args: Array<String>) {
+            if(args.isEmpty()) {
+                println("This tool provides a command line interface, but no arguments were provided.")
+                println("If you want to use command line arguments, please provide them in the format:")
+                println("java ... --plugin <plugin.jar> --authority <authority> --key <private_key>")
+                println("\nWe'll now ask for the required information interactively.")
+
+                val scanner = Scanner(System.`in`)
 
-        val tool = PluginSigningTool()
-        println("Enter the plugin JAR file path:")
-        tool.pluginFile = scanner.next()
+                val tool = PluginSigningTool()
+                println("Enter the plugin JAR file path:")
+                tool.pluginFile = scanner.next()
 
-        println("Enter the authority to sign the plugin with:")
-        tool.authority = scanner.next()
+                println("Enter the authority to sign the plugin with:")
+                tool.authority = scanner.next()
 
-        println("Enter the private key file path:")
-        tool.privateKeyFile = scanner.next()
+                println("Enter the private key file path, or encoded in base64:")
+                tool.privateKeyFile = scanner.next()
 
-        tool.run()
-    } else {
-        CommandLine(PluginSigningTool()).execute(*args)
+                tool.run()
+            } else {
+                CommandLine(PluginSigningTool()).execute(*args)
+            }
+        }
     }
 }